const express = require('express');
const router = express.Router();
const { User } = require('../models');
const bcrypt = require('bcryptjs');

// 用户登录
router.post('/login', async (req, res) => {
  const { username, password } = req.body;
  if (!username || !password) {
    return res.status(400).json({ code: 1, msg: '用户名和密码必填' });
  }
  const user = await User.findOne({ where: { username } });
  if (!user) {
    return res.status(401).json({ code: 1, msg: '用户不存在' });
  }
  const valid = await bcrypt.compare(password, user.password);
  if (!valid) {
    return res.status(401).json({ code: 1, msg: '密码错误' });
  }
  // 这里可以生成 token，简化只返回用户信息
  res.json({ code: 0, msg: '登录成功', data: {
    id: user.id,
    username: user.username,
    nickname: user.nickname,
    mobile: user.mobile
  }});
});

module.exports = router; 